package bookshop.controller.backend;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import bookshop.domain.Manager;
import bookshop.service.ManagerService;
import bookshop.service.impl.ManagerServiceImpl;

public class SecurityServlet extends HttpServlet {

	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		response.setContentType("text/html;charset=utf-8");
		request.setCharacterEncoding("utf-8");
		response.setCharacterEncoding("utf-8");

		String act = request.getParameter("act").trim();
		// 去登陆界面
		if ("toLogin".equals(act)) {
			String id = "";
			String pwd = "";

			Cookie[] cookies = request.getCookies();
			for (Cookie cookie : cookies) {
				String name = cookie.getName();
				if ("userLogin".equals(name)) {
					id = cookie.getValue().split("-")[0];
					pwd = cookie.getValue().split("-")[1];
					request.setAttribute("id", id);
					request.setAttribute("pwd", pwd);
				}
			}

			request.getRequestDispatcher("jsps/backend/login.jsp").forward(
					request, response);
		} else if ("login".equals(act)) { // 尝试登陆
			String keep = request.getParameter("keep");
			String loginId = request.getParameter("loginid");
			String loginPwd = request.getParameter("loginpwd");
			ManagerService managerService = new ManagerServiceImpl();
			Manager manager = managerService.getManagerById(loginId);
			String errMsg = null;

			if (manager == null) {
				errMsg = "没有这个用户存在,请检查!";
			} else {
				if(manager.getStatus().equals("N"))
					{errMsg = "账户已被冻结!";}
				else if (!manager.getLoginPwd().equals(loginPwd))
					errMsg = "密码不正确，请检查大小写!";
			}
			
			
			

			Cookie[] cookies = request.getCookies();
			if (errMsg == null) {

				if (keep != null) {
					for (Cookie cookie : cookies) {
						String name = cookie.getName();
						if ("userLogin".equals(name)) {
							cookie.setValue(loginId + "-" + loginPwd);
							response.addCookie(cookie);
						} else {
							Cookie cookieuser = new Cookie("userLogin", loginId
									+ "-" + loginPwd);
							cookieuser.setMaxAge(7 * 3600 * 24);
							response.addCookie(cookieuser);
						}
					}
				} else {
					for (Cookie cookie : cookies) {
						String name = cookie.getName();
						if ("userLogin".equals(name)) {
							cookie.setMaxAge(0);
							response.addCookie(cookie);
						}
					}
				}

				request.getSession().setAttribute("loginedMgr", manager);
				response.sendRedirect("securityMgr?act=mainscreen"); // 所谓的重定向，就是帮助用户发起一个对服务器的全新的请求。

			} else {
				for (Cookie cookie : cookies) {
					String name = cookie.getName();
					if ("userLogin".equals(name)) {
						cookie.setMaxAge(0);
						response.addCookie(cookie);
					}
				}
				request.setAttribute("errMsg", errMsg);
				request.getRequestDispatcher("jsps/backend/login.jsp").forward(
						request, response);
			}

		} else if ("mainscreen".equals(act)) { // 登陆成功，去主界面
			request.getRequestDispatcher("jsps/backend/main.jsp").forward(
					request, response);
		} else if ("logout".equals(act)) {
			request.getSession().removeAttribute("loginedMgr");
			request.getSession().invalidate();
			response.sendRedirect("securityMgr?act=toLogin");
		}

	}

	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		this.doGet(request, response);
	}

}
